Bug 1781810 (CVE-2019-19543)
Summary: | CVE-2019-19543 kernel: use-after-free in serial_ir_init_module() in drivers/media/rc/serial_ir.c | ||
---|---|---|---|
Product: | [Other] Security Response | Reporter: | Guilherme de Almeida Suckevicz <gsuckevi> |
Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
Status: | CLOSED ERRATA | QA Contact: | |
Severity: | medium | Docs Contact: | |
Priority: | medium | ||
Version: | unspecified | CC: | acaringi, airlied, bdettelb, bhu, blc, brdeoliv, bskeggs, dhoward, dvlasenk, esammons, fhrbata, hdegoede, hkrzesin, iboverma, ichavero, itamar, jarodwilson, jeremy, jforbes, jglisse, jlelli, john.j5live, jonathan, josef, jross, jshortt, jstancek, jwboyer, kernel-maint, kernel-mgr, lgoncalv, linville, masami256, matt, mchehab, mcressma, mjg59, mlangsdo, nmurray, qzhao, rparrazo, rt-maint, rvrbovsk, steved, williams |
Target Milestone: | --- | Keywords: | Security |
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | If docs needed, set a value | |
Doc Text: |
A flaw was found in the Linux kernel’s infrared serial module. An attacker could use this flaw to corrupt memory and possibly escalate privileges.
|
Story Points: | --- |
Clone Of: | Environment: | ||
Last Closed: | 2020-11-04 02:23:37 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | 1781811, 1802396, 1802397, 1802398 | ||
Bug Blocks: | 1781812 |
Description
Guilherme de Almeida Suckevicz
2019-12-10 16:11:24 UTC
Created kernel tracking bugs for this issue: Affects: fedora-all [bug 1781811] This was fixed for Fedora with the 5.1.6 stable kernel update. So, I'm rating this moderate, because: :- only able to be triggered during the failure to load the module :- triggerable only during the load of the module ( administrative privileges required). This doesn't qualify for Z stream/EUS fixes but if you have hardware / a situation that this can be triggered on, I'd be willing to change my mind. Mitigation: As the module will be auto-loaded when the relevant hardware is required, its use can be disabled by preventing the module from loading with the following instructions: # echo "install serial_ir /bin/true" >> /etc/modprobe.d/disable-serial-ir.conf The system will need to be restarted if the CIFS modules are loaded. In most circumstances, the CIFS kernel modules will be unable to be unloaded while any network interfaces are active and the protocol is in use. If the system requires this module to work correctly, this mitigation may not be suitable. If you need further assistance, see KCS article https://access.redhat.com/solutions/41278 or contact Red Hat Global Support Services. This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2020:4431 https://access.redhat.com/errata/RHSA-2020:4431 This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2020:4609 https://access.redhat.com/errata/RHSA-2020:4609 This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2019-19543 |